Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rzbGrD0QdHbppyvd3mKVTnDzSy0.roa
File: rzbGrD0QdHbppyvd3mKVTnDzSy0.roa (raw, json)
Hash identifier: fsJPmqSicGsXiWZ1QaEV+dXq0kwjMMcE9PuW0pn1KUA=
Subject key identifier: AF:36:C6:AC:3D:10:74:76:E9:A7:2B:DD:DE:62:95:4E:70:F3:4B:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01849EE37A7EC3B46D9276A70B8A339F404A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rzbGrD0QdHbppyvd3mKVTnDzSy0.roa
Signing time: Tue 22 Nov 2022 10:30:18 +0000
ROA not before: Tue 22 Nov 2022 10:30:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29066
IP address blocks: 194.87.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:e3:7a:7e:c3:b4:6d:92:76:a7:0b:8a:33:9f:40:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 22 10:30:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af36c6ac3d107476e9a72bddde62954e70f34b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a3:ad:96:99:2f:d3:81:38:2e:b6:be:b7:70:
33:b5:96:9d:91:47:18:0a:f6:43:45:5b:5d:3a:99:
72:83:c5:24:58:d3:8b:fc:ee:da:6d:3f:77:f3:3f:
b2:cb:64:6c:ec:18:0e:0f:53:13:9b:bd:0b:ba:3a:
0a:bf:bd:93:46:b5:d5:3c:12:30:f8:0d:43:21:85:
5f:e6:82:dd:7c:75:31:0a:c3:71:bb:1c:e6:df:b8:
0d:24:10:07:b3:ef:30:d4:52:ca:11:9b:c8:c0:77:
20:17:b4:c3:c3:00:36:ca:60:0c:d6:02:ce:f9:dc:
dc:99:d4:dd:71:61:de:34:2d:da:4a:b2:10:91:03:
d7:4a:5c:7c:59:22:cc:53:05:e6:cb:69:64:84:6c:
6d:df:ef:a4:78:da:fd:26:01:0a:f1:c7:36:0f:b1:
7a:cf:54:d8:99:0f:b2:c3:30:56:5f:b3:60:89:a0:
4b:06:17:65:1a:28:52:25:c4:24:01:16:20:3b:76:
21:09:e6:05:ba:e3:cd:e1:cb:0c:df:f8:ce:40:c3:
d8:1f:c7:be:17:9d:d6:e1:4f:b9:0d:64:85:c6:2a:
59:14:ac:ec:d5:cd:dd:83:d6:e3:d7:ee:45:6a:e2:
35:bf:59:71:ba:a7:09:0f:13:cc:5d:e9:15:e8:dd:
9f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:36:C6:AC:3D:10:74:76:E9:A7:2B:DD:DE:62:95:4E:70:F3:4B:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rzbGrD0QdHbppyvd3mKVTnDzSy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.165.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f2:3d:55:34:c4:84:54:02:29:07:79:3f:40:5d:e7:29:20:
60:1f:af:22:d2:c6:bc:55:99:d5:49:21:d1:9e:cd:41:d6:35:
94:6d:68:fd:98:d2:62:5e:0b:a8:f1:43:9c:2a:df:08:f3:a5:
33:f5:58:1f:a6:85:81:41:04:de:dd:fd:24:a8:ff:2a:8b:07:
c7:fa:8b:55:8b:3a:a2:27:96:ad:76:8b:54:f4:30:68:33:05:
32:1e:bd:3f:46:33:9f:9c:d3:5b:20:c8:28:48:ac:29:88:5a:
a7:47:4e:9f:95:26:c1:45:39:d7:8f:03:c0:8d:01:9b:63:5c:
f6:a1:78:0c:f3:fa:31:9b:df:3f:64:e8:d1:f3:a3:d4:97:f8:
e7:4d:fe:c9:f9:95:e9:c9:ac:e0:19:9b:fb:3e:bf:dd:b4:ab:
66:a9:6e:3f:85:95:b8:19:24:d8:6e:7f:63:54:db:50:f2:a7:
8a:19:bb:10:54:7a:5e:d3:52:d7:c3:34:1b:8c:16:47:f3:71:
4f:44:e8:9c:7b:02:9c:e8:4f:ea:44:21:e7:f1:0d:2e:fb:40:
96:ae:b9:10:0a:9e:c1:28:c8:5b:40:8c:06:a8:d2:db:5a:79:
09:0c:43:9f:10:94:e3:19:db:5a:5e:39:2f:17:ab:cf:9f:d4:
26:13:5a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSe43p+w7RtknanC4ozn0BKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIyMTAzMDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM2YzZhYzNkMTA3NDc2ZTlhNzJiZGRkZTYyOTU0ZTcwZjM0YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaOtlpkv04E4Lra+t3AztZadkUcY
CvZDRVtdOplyg8UkWNOL/O7abT938z+yy2Rs7BgOD1MTm70LujoKv72TRrXVPBIw
+A1DIYVf5oLdfHUxCsNxuxzm37gNJBAHs+8w1FLKEZvIwHcgF7TDwwA2ymAM1gLO
+dzcmdTdcWHeNC3aSrIQkQPXSlx8WSLMUwXmy2lkhGxt3++keNr9JgEK8cc2D7F6
z1TYmQ+ywzBWX7NgiaBLBhdlGihSJcQkARYgO3YhCeYFuuPN4csM3/jOQMPYH8e+
F53W4U+5DWSFxipZFKzs1c3dg9bj1+5FauI1v1lxuqcJDxPMXekV6N2f8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK82xqw9EHR26acr3d5ilU5w80stMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcnpiR3JEMFFkSGJwcHl2ZDNtS1ZUbkR6U3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlelMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ8j1VNMSEVAIpB3k/QF3nKSBgH68i0sa8VZnVSSHR
ns1B1jWUbWj9mNJiXguo8UOcKt8I86Uz9VgfpoWBQQTe3f0kqP8qiwfH+otVizqi
J5atdotU9DBoMwUyHr0/RjOfnNNbIMgoSKwpiFqnR06flSbBRTnXjwPAjQGbY1z2
oXgM8/oxm98/ZOjR86PUl/jnTf7J+ZXpyazgGZv7Pr/dtKtmqW4/hZW4GSTYbn9j
VNtQ8qeKGbsQVHpe01LXwzQbjBZH83FPROicewKc6E/qRCHn8Q0u+0CWrrkQCp7B
KMhbQIwGqNLbWnkJDEOfEJTjGdtaXjkvF6vPn9QmE1qN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org